How to set a kube network policy on a specific host?

11/8/2018

How do I define a network policy YML file so it only allows traffic to and from a hostname like console.cloud.ibm.com?

I can only find how to block from certain IP addresses or namespaces.

-- Johnson
kubernetes
networking

1 Answer

11/8/2018

You can use Network Policies to block the IP address that the hostname resolves to:

$ dig +short console.cloud.ibm.com
23.204.34.209

The downside is that the IP might change. Network policies are a layer 3 or IP layer feature, so you won't see hostnames there. Some background here.

If you want to block on hostname, you might consider using a Service Mesh like Istio with Envoy, which will allow you to control traffic to a host by using Egress Control.

-- Rico
Source: StackOverflow
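
The IP-based approach from the answer, written out as a manifest. This is an added example and not part of the original question or answer: it restricts the selected pods to the address that `dig` returned above, plus DNS so they can still resolve names. The policy name, namespace, pod label and port 443 are assumptions, and the cluster's network plugin must enforce NetworkPolicy for it to take effect.

```yaml
# Added example: allow traffic only to and from the IP that
# console.cloud.ibm.com resolved to in the answer (23.204.34.209).
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-only-ibm-console      # hypothetical name
  namespace: demo                   # hypothetical namespace
spec:
  # Pods this policy applies to. Once a pod is selected for a policy
  # type, everything not explicitly allowed below is dropped.
  podSelector:
    matchLabels:
      app: console-client           # hypothetical label
  policyTypes:
    - Ingress
    - Egress
  ingress:
    - from:
        - ipBlock:
            cidr: 23.204.34.209/32  # single host, from the dig output
  egress:
    - to:
        - ipBlock:
            cidr: 23.204.34.209/32
      ports:
        - protocol: TCP
          port: 443                 # assumption: HTTPS only
    # Without this rule the pods cannot resolve any hostname at all.
    # No "to" clause means any destination on port 53; narrow it to the
    # cluster DNS pods with a namespaceSelector/podSelector if desired.
    - ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
```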